IT threat evolution Q2 2021
Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools...
IT threat evolution in Q2 2021. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly...
IT threat evolution in Q2 2021. PC statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly...
Http-Request-Smuggling – HTTP Request Smuggling Detection Tool
HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request...
AlanFramework – A Post-Exploitation Framework
Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor...
Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers
Threat actors behind the Magniber Ransomware are using PrintNightmare exploits in attacks aimed at Windows servers. Threat actors behind the...
Microsoft warns of a new unpatched Windows Print Spooler RCE zero-day
Microsoft is warning of another zero-day Windows print spooler vulnerability, tracked as CVE-2021-36958, that could allow local attackers to gain...
Threat actors behind the Poly Network hack are returning stolen funds
The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds....
Accenture has been hit by a LockBit 2.0 ransomware attack
Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT...
UNC215, an alleged China-linked APT group targets Israel orgs
China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing...
CVE-2021-38202
Summary: fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read...
CVE-2021-38201
Summary: net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access)...
CVE-2021-1610
Summary: Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN...
CVE-2021-32772
Summary: Poddycast is a podcast app made with Electron. Prior to version 0.8.1, an attacker can create a podcast or...
CVE-2018-8172
Summary: A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup...
Twitter says it out loud: Removing anonymity will not stop online abuse
An investigation by Twitter into racist tweets levied against three Black players on the English football team following the national...
If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam
Rogue QR code antics have been back in the news recently. They’re not exactly a mainstay of fakery, but they...
Thief pulls off colossal, $600m crypto-robbery …and gives the money back
The largest crypto-robbery in history is rapidly turning into the most bizarre as well. Let’s start at the beginning… In...
PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday
The sheer number of patches (44 security vulnerabilities) should be enough to scare us, but unfortunately we have gotten used...
Cinobi Banking Malware Targets Japanese Cryptocurrency Exchange Users via Malvertising Campaign
Researchers at Trend Micro discovered a new social engineering-based malvertising campaign targeting Japanese users with a malicious application disguised as...
Android Malware ‘FlyTrap’ Hacks Facebook Accounts
A new Android trojan has been discovered to breach the Facebook accounts of over 10,000 people in at least 144...
IISpy: Installs Backdoor on Microsoft’s Web Server Software
Cybersecurity investigators have detected malware that could deploy backdoor Internet Information Services (IIS) on Microsoft's Web server software. Labeled IISpy,...
FBI Told Congress That Ransomware Payments Shouldn’t be Prohibited
After meeting with the business sector and cybersecurity experts, the Biden administration backed away from the concept of barring ransomware...
Wsh – Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
